Plasma-nm editor has a setting for each primary connection "Automatically connect to VPN when using this connection". If this setting is used, plasma-nm should block all connections while this secondary VPN connection is being prepared because otherwise internet-using programs might leak real network info or send something via unsecure wifi. This may also happen if the primary connection suddenly disconnects you and if you have "connect automatically" enabled - it is very likely that programs like instant messengers, email clients and even pages opened in browser which use some kind of javascript to refresh constantly will send the data through unsecure connection while VPN is being prepared, and that's why it's even more important to implement this. Reproducible: Always Steps to Reproduce: 1. Open skype 2. Connect to wifi network with some vpn set to connect automatically 3. Reboot the router or make wifi disappear some other way Actual Results: When wifi is restored back, skype or any other program gets connectivity even before VPN connection is established, leaking your IP. Then, when VPN is ready, it disconnects and connects again using VPN tunnel. Expected Results: Skype or any other program should not be able to use internet while the secondary connection is still being prepared.
I'm sorry, but this is not something what could be done in plasma-nm. You have to go directly to NetworkManager developers.
(In reply to Jan Grulich from comment #1) > I'm sorry, but this is not something what could be done in plasma-nm. You > have to go directly to NetworkManager developers. I found that it's now reported to the NetworkManager developers: https://gitlab.freedesktop.org/NetworkManager/NetworkManager/issues/118
Bulk transfer as requested in T17796